Technology Risk Oversight Senior Director
About the Job
At Freddie Mac, you will do important work to build a better housing finance system and you’ll be part of a team helping to make homeownership and rental housing more accessible and affordable across the nation.
Within Enterprise Risk Management (ERM), the Technology Risk Team is responsible for providing 2nd-line oversight of the enterprise’s Technology supporting all the operating activities of Freddie Mac. The primary responsibilities include setting the enterprise policy and standard, aligning and maintaining to the enterprise risk framework, monitoring and reporting aggregated risk and risk treatments, performing risk reviews and evaluation to identify & treat risks and enable business objectives & decision making, and driving continuous improvement of risk management capabilities across businesses and divisions.
The Sr. Director of Technology Risk is a critical corporate leadership role that reports directly to the Vice President and Head of Enterprise Operational and Technology Risks. Working closely with all businesses and divisions, and particularly with IT, the position will be directly accountable for driving the design and implementation of Technology risk methodology and capabilities across Freddie Mac in order to achieve overall mission of managing risk efficiently and effectively in conjunction with corporate strategic objectives.
Your Work Falls into the Following Two Primary Categories:
Technology Risk Management
- Develop and establish the Enterprise Technology Risk profile and reporting requirements related to technology risk for the enterprise
- Drive and execute technology risk oversight agenda as part of the risk transformation objectives, across governance, enterprise and divisional policy, standards, procedures, risk assessment and treatment, testing, and metrics & reporting
- Conduct independent risk reviews of the technology functions and processes and recommend corrective actions
- Establish and rationalize technology risk related policies, standards and procedures at enterprise level, and review divisional policy and procedures for alignment and adherence
- Provide leadership and direction across enterprise for proper planning, execution and escalation for technology risk across all businesses and divisions
- Coordinate oversight and effective challenge of other specialized domains that impact the IT Division (e.g. business resiliency, third party risk) with input from the domain risk leads, including 1LOD risk assessment and mitigation efforts
- Understand industry trends and best practices: engage with the industry and broader ecosystem to understand industry trends, create business cases for best practices and implement changes
- Assess, manage and attract talent
- The Sr Director of Technology Risk will evaluate the existing team, retain and motivate the group, attract outside talent and improve the overall quality of the team
- Be key partner with the 1st-line business teams, especially Information Technology Division, to mature risk management capabilities
- Engage stakeholders at all levels across businesses and divisions to achieve effective communication and sufficient stakeholder input and buy-in
- Provide regular updates to key stakeholders on the overall technology risk posture and communicate recommendations for improvement. Prepare necessary information to facilitate management discussion and decision making; This may include Board presentation
- Bachelor’s degree is required; a master’s degree is preferred
- Professional certifications (CRISC, CIA, CISA, CISP, etc.) beneficial
- 10+ years of experience in risk, control and governance disciplines
- 10+ years of experience in technology such as architecture, software development and technology operations
- Must have developed an enterprise-wide technology risk framework that defines the metrics used for reporting and monitoring, sets the thresholds, and determines the escalation process in the event risk tolerances are breached
- Experience developing processes to identify and evaluate technology risks and control self-assessments
- Proven independent oversight of all technology risk management standards including any key risk indicators, risk limits and approval authorities
- Experience operating within the three lines of defense
- Proven ability to build positive, collaborative relationships at all levels of the enterprise and across a diverse set of functions; Able to develop strong relationships and influence multiple stakeholders to gain alignment and buy-in on key issues will be critical for success
- Skilled in project management as well as work plan development and implementation; astute in strategic planning, budgeting, and allocation
Keys to Success in this Role:
- Substantial experience in enterprise-wide technology and IT Risk
- Experience operating within a complex organization that requires interacting with and influencing a wide range of multiple stakeholders
- Demonstrated track record of proactive approach to mitigating risk for technology risk
- Strong abilities to influence those outside his/her organization
- Act as a team builder with a track record of attracting, developing, and retaining high-performing talent
- A self-starter with a “can-do‟ attitude; a driver and implementer who possesses the poise and ability to act calmly and competently in high-pressure, high-stress situations; High emotional intelligence
- Strong resilience, ability to lead through ambiguity, and persistence to move ahead regardless of barriers
- Ensure smooth transition of leadership to maximize continuity, stability and controls throughout the organization
- Quickly and genuinely establish trust and credibility with key stakeholders and business partners across the enterprise
- Assess, determine priorities and execute crisply on the necessary changes to mature the 2nd-line risk management function and reduce operational risk
- Further develop and enhance a high-performance culture with accountability throughout the organization; mentor, develop, coach, and improve team engagement
- Establish and facilitate a coordinated effort across the divisions’ risk organizations, including Information Technology division
- Be a key partner with businesses in mobilizing Technology risk program and drive the 2nd-line oversight activities in this space
Current Freddie Mac employees please apply through the internal career site.
Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you’ll do important work for the housing finance system and make a difference in the lives of others.
We are an equal opportunity employer and value diversity and inclusion at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by applicable law. We will ensure that individuals with differing abilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit www.BountyJobs.com and register with our referral code: MAC.Time-type:Full timeJob Category:RiskFLSA Status:Exempt